<html>

<head>

<?php

include "../includes/constants.php";

?>

</head>

<body onload="restore.src.focus()">

<form name="restore" method="POST" action="<?php echo $_SERVER["PHP_SELF"];?>">
<table border="0">
	<tr>
		<td>Restore from:</td>
		<td>
			<input type="text" size="1" name="src"></input>
		</td>
	</tr>
	<tr>
		<td>Restore to:</td>
		<td>
			<input type="text" size="1" name="dest"></input>
		</td>
	</tr>
</table>
<button type="submit">Submit</button>
</form>

<?php

if (isset($_POST["src"]) && isset($_POST["dest"])) {
	global $db;
	$query_get_src = "SELECT name,profile,x,y,z,zoneid,class,level FROM character_backup WHERE id='" . $_POST["src"] . "'";
	$result_get_src = mysql_query($query_get_src,$db);
	$db_row_get_src = mysql_fetch_array($result_get_src);
//	if (!get_magic_quotes_gpc()) {
		$db_row_get_src["profile"] = addslashes($db_row_get_src["profile"]);
//	};

	$query_put_dest = "UPDATE character_ SET profile='" . $db_row_get_src["profile"] . "' WHERE id='" . $_POST["dest"] . "'";
//	$query_put_dest = "UPDATE character_ SET name='" . $db_row_get_src["name"] . "',profile='" . $db_row_get_src["profile"] . "',x='" . $db_row_get_src["x"] . "',y='" . $db_row_get_src["y"] . "',z='" . $db_row_get_src["z"] . "',zoneid='" . $db_row_get_src["zoneid"] . "',class='" . $db_row_get_src["class"] . "',level='" . $db_row_get_src["level"] . "' WHERE id='" . $_POST["dest"] . "'";
	if (mysql_query($query_put_dest,$db)) {
		echo "Restore from (" . $_POST["src"] . ") to (" . $_POST["dest"] . ") successful!";
	} else {
		echo "Restore from (" . $_POST["src"] . ") to (" . $_POST["dest"] . ") failed!<br>\n";
		echo mysql_errno() . ": " . mysql_error() . "<br>\n";
		echo $query_put_dest;
	};
};

?>

</body>

</html>
